Avoiding Common Security Flaws in Composed Service-Oriented Systems

Abstract

Network-centric information systems are increasingly called upon to support complex tasks and missions that serve multiple communities of interest. As a result, existing capabilities are exposed as services in a service-oriented system, and newer capabilities are derived by discovering and composing available services. While service-orientation enables and facilitates such composition-based system construction, the evolving nature and variety of standards and the varying level of compliance of otherwise feature-rich vendor products has made achieving acceptable level of security and resilience in such systems a daunting and error-prone task. This paper presents a number of factors that contribute to the security of composed service-oriented systems, and outlines ways to avoid common pitfalls and mistakes that stem from these factors and weaken the resiliency and survivability of the composed system.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2012
Accession Number
ADA562042

Entities

People

  • Asher Sinclair
  • Joseph Loyall
  • Michael Atighetchi
  • Partha Pal

Organizations

  • Air Force Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Command And Control
  • Computer Programs
  • Computing System Architectures
  • Construction
  • Control Systems
  • Cyberattacks
  • Defense Mechanisms
  • Deployment
  • Engineering
  • Information Operations
  • Information Systems
  • Models
  • Network Protocols
  • Security
  • Software Development
  • Standards

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Educational Psychology
  • Software Engineering.